package org.apache.geode.security.templates;

import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Properties;
import org.apache.geode.LogWriter;
import org.apache.geode.distributed.DistributedMember;
import org.apache.geode.logging.internal.log4j.api.LogService;
import org.apache.geode.security.AuthInitialize;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/apache/geode/security/templates/PKCSAuthInit.class */
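/**
 * Template {@link AuthInitialize} that builds client/peer credentials from a PKCS#12 key store.
 *
 * <p>The credentials consist of the key alias and a signature over the UTF-8 bytes of that alias,
 * produced with the private key stored under the alias.
 *
 * <p>NOTE(review): the signed payload is only the alias; no nonce, timestamp or peer identity is
 * mixed in. With a deterministic signature scheme the same credential is produced on every call,
 * so a captured credential could be replayed. Treat this class as a sample and make sure the
 * connection carrying these properties is protected (e.g. TLS); confirm against the matching
 * authenticator.
 */
public class PKCSAuthInit implements AuthInitialize {
    private static final Logger logger = LogService.getLogger();

    /** Name of the property holding the path of the PKCS#12 key-store file. */
    public static final String KEYSTORE_FILE_PATH = "security-keystorepath";

    /** Name of the property holding the key-store alias; also returned in the credentials. */
    public static final String KEYSTORE_ALIAS = "security-alias";

    /** Name of the property holding the key-store password (optional; may be absent). */
    public static final String KEYSTORE_PASSWORD = "security-keystorepass";

    /** Name of the credential property that carries the signature bytes. */
    public static final String SIGNATURE_DATA = "security-signature";

    protected LogWriter systemLogWriter;
    protected LogWriter securityLogWriter;

    /**
     * Factory method returning a new instance of this initializer.
     *
     * @return a fresh {@code PKCSAuthInit}
     */
    public static AuthInitialize create() {
        return new PKCSAuthInit();
    }

    /**
     * Stores the two log writers for later use.
     *
     * @param logWriter writer kept as the system log writer
     * @param logWriter2 writer kept as the security log writer
     */
    public void init(LogWriter logWriter, LogWriter logWriter2) throws AuthenticationFailedException {
        this.systemLogWriter = logWriter;
        this.securityLogWriter = logWriter2;
    }

    /**
     * Loads the private key for the configured alias and signs the alias with it.
     *
     * @param properties security properties; must contain {@link #KEYSTORE_FILE_PATH} and
     *     {@link #KEYSTORE_ALIAS}, may contain {@link #KEYSTORE_PASSWORD}
     * @param distributedMember not used by this implementation
     * @param z not used by this implementation
     * @return properties holding the alias under {@link #KEYSTORE_ALIAS} and the signature bytes
     *     under {@link #SIGNATURE_DATA}
     * @throws AuthenticationFailedException if a required property is missing, the alias does not
     *     map to a private key with an X.509 certificate, or loading/signing fails
     */
    public Properties getCredentials(Properties properties, DistributedMember distributedMember, boolean z) throws AuthenticationFailedException {
        String keyStorePath = properties.getProperty(KEYSTORE_FILE_PATH);
        if (keyStorePath == null) {
            throw new AuthenticationFailedException("PKCSAuthInit: key-store file path property [security-keystorepath] not set.");
        }
        String alias = properties.getProperty(KEYSTORE_ALIAS);
        if (alias == null) {
            throw new AuthenticationFailedException("PKCSAuthInit: key alias name property [security-alias] not set.");
        }
        String keyStorePassword = properties.getProperty(KEYSTORE_PASSWORD);
        // A missing password is passed on as a null pass phrase, as before.
        char[] passPhrase = keyStorePassword != null ? keyStorePassword.toCharArray() : null;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            // try-with-resources closes the stream exactly once on every path.
            try (FileInputStream keyStoreStream = new FileInputStream(keyStorePath)) {
                keyStore.load(keyStoreStream, passPhrase);
            }

            Key key = keyStore.getKey(alias, passPhrase);
            if (!(key instanceof PrivateKey)) {
                throw new AuthenticationFailedException("PKCSAuthInit: Failed to load private key from the given file: " + keyStorePath);
            }

            // Fail with a clear message instead of a wrapped NullPointerException or
            // ClassCastException when the alias has no certificate or a non-X.509 one.
            java.security.cert.Certificate certificate = keyStore.getCertificate(alias);
            if (!(certificate instanceof X509Certificate)) {
                throw new AuthenticationFailedException("PKCSAuthInit: No X.509 certificate found for alias [" + alias + "] in the given file: " + keyStorePath);
            }

            // NOTE(review): getSigAlgName() names the algorithm the issuer used to sign the
            // certificate. It only suits the subject's private key when both key types agree
            // (e.g. a self-signed certificate); otherwise initSign rejects the key.
            Signature signature = Signature.getInstance(((X509Certificate) certificate).getSigAlgName());
            signature.initSign((PrivateKey) key);
            signature.update(alias.getBytes(java.nio.charset.StandardCharsets.UTF_8));

            Properties credentials = new Properties();
            credentials.put(KEYSTORE_ALIAS, alias);
            credentials.put(SIGNATURE_DATA, signature.sign());
            return credentials;
        } catch (AuthenticationFailedException e) {
            // Already carries a specific message; do not wrap it a second time.
            throw e;
        } catch (Exception e) {
            throw new AuthenticationFailedException("PKCSAuthInit: Exception while getting credentials: " + e, e);
        } finally {
            // Best-effort hygiene: wipe the local copy of the password. The String held in the
            // caller's Properties cannot be cleared from here.
            if (passPhrase != null) {
                java.util.Arrays.fill(passPhrase, '\0');
            }
        }
    }

    /** No resources are held between calls, so there is nothing to release. */
    public void close() {
    }
}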
